Approved Lists

Approved lists allow messages from approved senders to bypass IP-level filtering. The Approved lists are not applied to your MTA, but you can set up additional approved or blocked senders, or perform additional filtering at your MTA. The trade-off for bypassing IP filtering is the additional resources that are needed to process, filter, and store the higher levels of spam messages that would otherwise have been blocked.

In the case of a standard reputation (Known Spam Source List) service lookup, the order of the evaluation hierarchy is:

  1. Approved IP

  2. Blocked IP

  3. Approved country

  4. Blocked country

For dynamic reputation (QIL) service lookup, the customer-defined “blocked policy lists” (IP, Country) are ignored and only the Approved lists are checked. Otherwise, the order of policy lookup (first IP, then country) is the same as for standard reputation (Known Spam Source List) service.

Avoid specifying overlapping CIDR ranges in the Approved and Block lists because the Block list might take priority over the Approved list.

To add to the Approved list:

  1. Open the following URL:

    https://www.ers.trendmicro.com

  2. Click Policy > Approved Lists.
  3. Select the country and click Add >. The name of the chosen country should move to the right frame.
    Warning:

    Be very selective when adding a country as you might also be adding known spammers to the approved list.

  4. Specify the IPv4 or IPv6 address and click Add >. The IP address should move to the right frame.

    When specifying the IP address, you can use either of the following:

    • Standard IPv4 format: 123.123.123.123

    • IPv4 IP address range in CIDR notation: 123.123.123.123/24

      Note:

      Avoid specifying the same CIDR range in the Approved and Blocked lists, as unexpected results might occur. If required, the approved CIDR range must be less than or equal to the blocked CIDR range.

      For example, avoid specifying 172.31.15.164/30 in the Approved list and 172.31.15.164/31 in the Blocked list

    • Standard IPv6 format:

      • 2001:0db7:85a3:0000:0000:8a2e:0370:7334

      • 2001:db7:85a3:0:0:8a2e:370:7334

      • 2001:db7:85a3::8a2e:370:7334

  5. Click Save.
Parent topic: Managing the Policy